{"vulnerability": "cve-2022-2073", "sightings": [{"uuid": "b9b2d988-79c9-44a5-9c75-077a3a7baaef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20737", "type": "seen", "source": "https://t.me/ptswarm/122", "content": "\ud83d\udc8eCisco fixed an Authenticated Heap Overflow Vulnerability (CVE-2022-20737) in Cisco ASA found by our researcher Nikita Abramov.\n\nThe vulnerability allows an attacker to cause a DoS or to obtain portions of process memory from the device.\n\nThe advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-heap-zLX3FdX", "creation_timestamp": "2022-04-29T11:55:01.000000Z"}, {"uuid": "fec069d6-3ace-4405-b1c8-ff56a52cb1f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20737", "type": "seen", "source": "https://t.me/cKure/9505", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Cisco fixed an Authenticated Heap Overflow Vulnerability (CVE-2022-20737) in Cisco ASA found by 'PT Swarm' researcher Nikita Abramov.\n\nThe vulnerability allows an attacker to cause a DoS or to obtain portions of process memory from the device.\n\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-heap-zLX3FdX", "creation_timestamp": "2022-05-12T00:23:05.000000Z"}, {"uuid": "d2d13f90-0db3-4b7b-864f-ca08bbb4470f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20734", "type": "seen", "source": "https://t.me/cibsecurity/41946", "content": "\u203c CVE-2022-20734 \u203c\n\nA vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T20:35:39.000000Z"}, {"uuid": "c4a8ff49-e781-4ee5-875c-7bd5ca325cb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20738", "type": "seen", "source": "https://t.me/cibsecurity/37243", "content": "\u203c CVE-2022-20738 \u203c\n\nA vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthenticated, remote attacker to bypass the file inspection feature. This vulnerability is due to insufficient restrictions in the file inspection feature. An attacker could exploit this vulnerability by downloading a crafted payload through specific methods. A successful exploit could allow the attacker to bypass file inspection protections and download a malicious payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-10T20:17:21.000000Z"}, {"uuid": "9f074683-7032-4883-b541-bbe63f041864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20735", "type": "seen", "source": "https://t.me/cibsecurity/40857", "content": "\u203c CVE-2022-20735 \u203c\n\nA vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. These actions could include modifying the system configuration and deleting accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T18:20:16.000000Z"}, {"uuid": "fac7e96f-d8cb-4344-adde-bdf9397b5b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20739", "type": "seen", "source": "https://t.me/cibsecurity/40852", "content": "\u203c CVE-2022-20739 \u203c\n\nA vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected system as a low-privileged user to exploit this vulnerability. This vulnerability exists because a file leveraged by a root user is executed when a low-privileged user runs specific commands on an affected system. An attacker could exploit this vulnerability by injecting arbitrary commands to a specific file as a lower-privileged user and then waiting until an admin user executes specific commands. The commands would then be executed on the device by the root user. A successful exploit could allow the attacker to escalate their privileges on the affected system from a low-privileged user to the root user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T18:20:07.000000Z"}, {"uuid": "ecaa97a3-4b34-42c6-bdf0-ba2f1e0ac69c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20737", "type": "seen", "source": "https://t.me/xakep_ru/12411", "content": "\u0411\u0430\u0433 \u0432 Cisco ASA \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043f\u0430\u0441\u0442\u044c \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044e\u044e \u0441\u0435\u0442\u044c\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u0443\u0447\u0438 (CVE-2022-20737, 8,5 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS 3.0) \u0432 Cisco Adaptive Security Appliance (ASA), \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c Positive Technologies \u041d\u0438\u043a\u0438\u0442\u043e\u0439 \u0410\u0431\u0440\u0430\u043c\u043e\u0432\u044b\u043c. \u0411\u0430\u0433 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u0438\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0435\u0433\u043e \u043f\u0430\u043c\u044f\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e.\n\nhttps://xakep.ru/2022/05/25/cisco-asa-bug/", "creation_timestamp": "2022-05-25T15:38:43.000000Z"}]}